GParted Live Is Now Patched Against the XZ Backdoor, Powered by Linux Kernel 6.7

This release is based on Debian Sid (Debian 13 "Trixie") repository as of April 8th, 2024, and ships with the latest GRUB 2.12 bootloader.
GParted Live XZ

GParted developer Steven Shiau released today GParted Live 1.6.0-3 as a new maintenance update to this powerful live system based on the popular GParted (GNOME Partition Editor) open-source disk partitioning utility to address the latest XZ backdoor and update core components.

GParted Live 1.6.0-3 is the third maintenance update to GParted Live 1.6, which was launched on February 28th, 2024, with GParted 1.6, a release that brought a change that would stop GParted from forcing a 1 MiB gap when moving the partition boundary to the right, exFAT improvements, and removed the “Attempt Data Rescue” feature and use of the gpart utility.

Based on the Debian Sid (Debian 13 “Trixie”) repository as of April 8th, 2024, GParted Live 1.6.0-3 ships XZ Utils 5.4.5-0.2 instead of the XZ Utils 5.6.0 release that contained a backdoor that could allow a remote attacker to compromise an SSH server or any software linked against the liblzma library included in the package, which injected malicious code at build time.

This means that GParted Live 1.6.0-3 is the version you want to download and use from now on if you’re doing any disk partitioning work on your computer or any other device. To be clear, if you’re reading this now, you should NOT download any previous GParted Live version lower than 1.6.0-3.

Apart from addressing the XZ backdoor, the GParted Live 1.6.0-3 release also bumps the kernel from Linux 6.6 LTS, which was used in the initial GParted Live 1.6.0 release, to Linux kernel 6.7. The live ISO image ships with Linux 6.7.9-2 from the Debian Sid repository. Also included is the latest GRUB 2.12-2 bootloader.

You can download GParted Live 1.6.0-3 right now from the official website as live ISO images for 64-bit or 32-bit systems. The developers say that GParted Live has been successfully tested on BIOS and UEFI physical computers with AMD/ATI, NVIDIA, and Intel graphics, as well as virtual machines including VirtualBox and VMware.

Last updated 2 months ago

Buy Me a Coffee at